Allow @ character in usernames (#37)

PR #9 unintentionally exposed the validation that prevented the @ character in usernames. We have decided there is no reason to block this character. Fixes #36
2026-05-23 17:08:53 +00:00 · 2020-11-13 15:52:20 -08:00 · 2020-11-13 15:52:20 -08:00 · 8f435a95ba
commit 8f435a95ba
parent 6cbd10965c
2 changed files with 7 additions and 23 deletions
--- a/server/service/service_users_test.go
+++ b/server/service/service_users_test.go
@ -338,7 +338,7 @@ func TestRequestPasswordReset(t *testing.T) {
 func TestCreateUserWithInvite(t *testing.T) {
 	ds, _ := inmem.New(config.TestConfig())
 	svc, _ := newTestService(ds, nil, nil)
-	invites := setupInvites(t, ds, []string{"admin2@example.com"})
+	invites := setupInvites(t, ds, []string{"admin2@example.com", "admin3@example.com"})
 	ctx := context.Background()

 	var newUserTests = []struct {
@ -390,13 +390,12 @@ func TestCreateUserWithInvite(t *testing.T) {
 			wantErr:            &invalidArgumentError{{name: "invite_token", reason: "Invite token has expired."}},
 		},
 		{
-			Username:           stringPtr("@admin2"),
+			Username:           stringPtr("admin3@example.com"),
 			Password:           stringPtr("foobarbaz1234!"),
-			Email:              stringPtr("admin2@example.com"),
+			Email:              stringPtr("admin3@example.com"),
 			NeedsPasswordReset: boolPtr(true),
 			Admin:              boolPtr(false),
-			InviteToken:        &invites["admin2@example.com"].Token,
-			wantErr:            &invalidArgumentError{invalidArgument{name: "username", reason: "'@' character not allowed in usernames"}},
+			InviteToken:        &invites["admin3@example.com"].Token,
 		},
 	}

@ -411,13 +410,11 @@ func TestCreateUserWithInvite(t *testing.T) {
 			}
 			user, err := svc.CreateUserWithInvite(ctx, payload)
 			if tt.wantErr != nil {
-				require.Equal(t, tt.wantErr.Error(), err.Error())
-			}
-			if err != nil {
-				// skip rest of the test if error is not nil
+				require.Error(t, err)
+				assert.Equal(t, tt.wantErr.Error(), err.Error())
 				return
 			}
-
+			require.NoError(t, err)
 			assert.NotZero(t, user.ID)

 			err = user.ValidatePassword(*tt.Password)
--- a/server/service/validation_users.go
+++ b/server/service/validation_users.go
@ -3,7 +3,6 @@ package service
 import (
 	"context"
 	"errors"
-	"strings"
 	"unicode"

 	"github.com/fleetdm/fleet/server/contexts/viewer"
@ -18,10 +17,6 @@ func (mw validationMiddleware) CreateUserWithInvite(ctx context.Context, p kolid
 		if *p.Username == "" {
 			invalid.Append("username", "cannot be empty")
 		}
-
-		if strings.Contains(*p.Username, "@") {
-			invalid.Append("username", "'@' character not allowed in usernames")
-		}
 	}

 	// we don't need a password for single sign on
@ -68,10 +63,6 @@ func (mw validationMiddleware) CreateUser(ctx context.Context, p kolide.UserPayl
 		if *p.Username == "" {
 			invalid.Append("username", "username cannot be empty")
 		}
-
-		if strings.Contains(*p.Username, "@") {
-			invalid.Append("username", "'@' character not allowed in usernames")
-		}
 	}

 	// we don't need a password for single sign on
@ -110,10 +101,6 @@ func (mw validationMiddleware) ModifyUser(ctx context.Context, userID uint, p ko
 		if *p.Username == "" {
 			invalid.Append("username", "cannot be empty")
 		}
-
-		if strings.Contains(*p.Username, "@") {
-			invalid.Append("username", "'@' character not allowed in usernames")
-		}
 	}

 	if p.Name != nil {